Vulnerabilities > IBM > Sterling Secure Proxy > 6.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2024-41784 | Path Traversal vulnerability in IBM Sterling Secure Proxy IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, and 6.1.0.0 could allow a remote attacker to traverse directories on the system. | 7.5 |
| 2024-03-15 | CVE-2023-46181 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
| 2024-03-15 | CVE-2023-47147 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow an attacker to overwrite a log message under specific conditions. | 5.3 |
| 2024-03-15 | CVE-2023-47699 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 6.1 |
| 2024-03-15 | CVE-2023-46179 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
| 2024-03-15 | CVE-2023-46182 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 5.4 |
| 2024-03-15 | CVE-2023-47162 | Unspecified vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0 IBM Sterling Secure Proxy 6.0.3 and 6.1.0 is vulnerable to cross-site scripting. | 6.1 |
| 2023-09-05 | CVE-2023-32338 | Insufficiently Protected Credentials vulnerability in IBM products IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. | 5.5 |